Interested to Buy Any Domain ? << Click Here >> for more details...
Change control procedures to prevent scope creep during an
application development project should be defined during:
A. design.
B. feasibility.
C. implementation.
D. requirements definition.
- 2 Answers
- 6512 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / guest
Answer: A
The change control procedures are generally common for
applications within one organization; however, the
application-specific change control procedures are to be
defined during the design phase of SDLC and should be based
on the modules in the software. The other choices are
incorrect. It is too early to define change control
procedures during the feasibility phase, and it would also
be too late during the implementation phase and after the
implementation of software.
| Is This Answer Correct ? | 5 Yes | 2 No |
In addition to the backup considerations for all systems, which of the following is an important consideration in providing backup for online systems? A. Maintaining system software parameters B. Ensuring periodic dumps of transaction logs C. Ensuring grandfather-father-son file backups D. Maintaining important data at an off-site location
The PRIMARY objective of an IS audit function is to: A. determine whether everyone uses IS resources according to their job description. B. determine whether information systems safeguard assets, and maintain data integrity. C. examine books of accounts and relative documentary evidence for the computerized system. D. determine the ability of the organization to detect fraud.
Which of the following is the MOST critical element of an effective disaster recovery plan (DRP)? A. Offsite storage of backup data B. Up-to-date list of key disaster recovery contacts C. Availability of a replacement data center D. Clearly defined recovery time objective (RTO)
During an implementation review of a multiuser distributed application, the IS auditor finds minor weaknesses in three areas-the initial setting of parameters is improperly installed, weak passwords are being used and some vital reports are not being checked properly. While preparing the audit report, the IS auditor should: A. record the observations separately with the impact of each of them marked against each respective finding. B. advise the manager of probable risks without recording the observations, as the control weaknesses are minor ones. C. record the observations and the risk arising from the collective weaknesses. D. apprise the departmental heads concerned with each observation and properly document it in the report.
The FIRST task an IS auditor should complete when performing an audit in an unfamiliar area is to: A. design the audit programs for each system or function involved. B. develop a set of compliance tests and substantive tests. C. gather background information pertinent to the new audit. D. assign human and economical resources.
Which of the following functions is performed by a virtual private network (VPN)? A. Hiding information from sniffers on the net B. Enforcing security policies C. Detecting misuse or mistakes D. Regulating access
When auditing the requirements phase of a system development project, an IS auditor would: A. assess the adequacy of audit trails. B. identify and determine the criticality of the need. C. verify cost justifications and anticipated benefits. D. ensure that control specifications have been defined.
Change management procedures are established by IS management to: A. control the movement of applications from the test environment to the production environment. B. control the interruption of business operations from lack of attention to unresolved problems. C. ensure the uninterrupted operation of the business in the event of a disaster. D. verify that system changes are properly documented.
A data center has a badge-entry system. Which of the following is MOSTimportant to protect the computing assets in the center? A. Badge readers are installed in locations where tampering would be noticed B. The computer that controls the badge system is backed up frequently C. A process for promptly deactivating lost or stolen badges exists D. All badge entry attempts are logged
Which of the following is an IS control objective? A. Output reports are locked in a safe place. B. Duplicate transactions do not occur. C. System backup/recovery procedures are updated periodically. D. System design and development meet users' requirements.
Security administration procedures require read-only access to: A. access control tables. B. security log files. C. logging options. D. user profiles.
To determine which users can gain access to the privileged supervisory state, which of the following should an IS auditor review? A. System access log files B. Enabled access control software parameters C. Logs of access control violations D. System configuration files for control options used
Cisco Certifications 
